Cyber Defense – Senior Incident Responder
CME Group: Where Futures Are Made
CME Group (www.cmegroup.com) is the world’s leading and most diverse derivatives marketplace. But who we are goes deeper than that. Here, you can impact markets worldwide. Transform industries. And build a career shaping tomorrow. We invest in your success and you own it – all while working alongside a team of leading experts who inspire you in ways big and small. Joining our company gives you the opportunity to make a difference in global financial markets every day – whether you work on our industry-leading technology and risk management services, our benchmark products or in a corporate services area that helps us serve our customers better. With 2,500 employees located around the world, we’re small enough for you and your contributions to be known. But big enough for your ideas to make an impact. The pace is dynamic, the work is unlike any other firm in the business, and the possibilities are endless. Problem solvers, difference makers, trailblazers. Those are our people. And we’re looking for more.
The Cyber Defense Incident Responder position will be responsible for incident response operations of CME Group, supporting global incident response activities. The candidate needs a firm understanding of all aspects of IT Security including current threats and vulnerabilities in the industry in order to effectively identify, contain and remediate incidents facing CME Group.
Respond to cyber security incidents by collecting, analyzing and preserving digital evidence
Participate and assist in responding to global security incidents
Provide a point of escalation for incidents within various business units.
Ability to manage multiple incidents at a single time.
This position will monitor submitted incidents and establish correlation to broader threats where they exist.
Analyze and respond to unauthorized activity within the global computing environment while managing the identification, containment, eradication, recovery and lessons learned / root cause analysis documentation.
Contribute to Incident Response process definition and the development and maintenance of documented procedures and techniques, including process integration with any 3rd party vendors, internal IT organizations, etc.
Participate in efforts to drive Incident Response application updates necessary to collect various key metrics for reporting to senior management.
Conduct root cause analysis to identify gaps and make recommendations that ultimately remediate risks
Communicate effectively with representatives of the business, technology specialists, and vendors
Gather forensic evidence for analysis, investigation, disciplinary action or criminal investigation.
Conduct advanced computer and network forensic investigation functions.
Provide training and expertise to junior Incident Responders
Participate in leadership groups throughout the company to plan and test incident response capabilities
Perform other duties as requested
• Bachelor’s degree in relevant subject or equivalent experience
• Substantial experience in information security related positions, preferably in Incident Management, event analysis, penetration testing.
• Strong investigation and analytical skills
• Experience in process documentation creation (i.e. Run Books, SOPs, Post Incident Reports).
• Substantial experience in some (not all) of the following:
o Windows or Unix/Linux operating systems
o Security administration
o Network security including TCP/IP networking and firewall concepts
o Vulnerabilities and remediation
• Thorough knowledge of information security components, principles, practices, and procedures
• Ability to effectively communicate at all levels of the organization including both technical and non-technical, management and senior leadership.
• Relevant experience in using security tools (scanners, Intrusion Detection Systems, and security analysis tools both on the network and on host-based systems).
• Expert knowledge of information security issues, trends and leading practices.
• A holistic understanding of attack vectors, current threats, and remediation strategies is essential for this role.
• Awareness of Digital Forensic Analysis tools, forensics concepts and procedures
• Have a firm understanding of outside security threats and risks to an information technology infrastructure and use those skills to develop custom incident response protocols as deemed necessary.
Prior experience in security development and implementation of tools is desirable.
Preferred Certifications: One or more of the following certification designations is preferred
o GIAC Certified Incident Handler - GCIH
o GIAC Certified Intrusion Analyst – GCIA
o GIAC Certified Forensic Examiner - GCFE
o GIAC Certified Forensic Analyst - GCFA
o Certified Information Systems Security Professional - CISSP
As the world’s leading and most diverse derivatives marketplace, CME Group (www.cmegroup.com) is where the world comes to manage risk. Based in Chicago, with offices in New York, London, Singapore, Calgary, Houston, São Paulo, Tokyo and Washington D.C., our team of more than 2,500 employees has an impact on the global economy every day. We offer:
With this strong foundation in place, we are looking to continue growing our business in both listed and over-the-counter markets. To support this growth, we are seeking highly motivated individuals to help foster our corporate culture and uphold our core values of leading with conviction and integrity, advancing the global economy, building lasting relationships and acting with ingenuity every day.
We hope you will consider joining our world-class team.